- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
CBR40 DDOS Attack from the Inside? Weirdness happening...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
CBR40 DDOS Attack from the Inside? Weirdness happening...
Hi all,
I have an Oribi CBR40 cable modem/router. It's at firmware release V2.5.0.28_1.0.8 and it's running the Netgear armor.
On Sunday afternoon I had issues with my internet and I saw the downstream light was flashing (which usually indicates a problem with service). I rebooted the unit and that's when I started receiving a lot of DDOS attack messages. These messages are not coming from an external IP address...they come from any/all devices attached to my home network. I did power it down for a bit and that seems to stop it for about 12 hours or so.
I had Comcast out today and they addressed some issues with my service but the problem still persists. Some of the things I've seen in the logs are multiple DCHP requests for the same device. There is one DoS message for netbios, however this is from my work laptop and it was only connected as of this morning. I also see that the router has trouble keeping the correct time and date. In the event log I also see a lot of 'Lost MMD Timeout' and MIMO event messages as well as time sync failures.
I guess my question is this: are these messages the result of a false positive due to service or equipment problems? Or is this a legit DDOS attack?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: CBR40 DDOS Attack from the Inside? Weirdness happening...
Some more info after watching this for a bit...
The router appears to be slow. Logging in via the webpage and I see that sometimes menus time out because it took too long for a response.
There are a *lot* of DNS IP requests for a particular device. It turns out to be my iPhone which was updated this weekend. I do see a lot of chatter about iOS 15 and Wi-Fi where there can be issues. (The phone is now disconnected from the network).
My laptop changed IP addresses for no apparent reason this morning. It was 192.168.1.12 this morning and after a blip it's now 192.168.1.6. I've never seen that before.
Anyone care to take a stab at this?
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more